HowtoForge Forums | HowtoForge - Linux Howtos and Tutorials


oyo 21st July 2012 23:46

Mass block subnets
 
Hi,
I'm running ISPC3 on Ubuntu 11.04, and am looking for a good way to mass block subnets (basically countries), and not f**k things up with ISPC.
I'm thinking of using this page as a source for IPs.

I've been searching, and found this that looks almost perfect, but the only thing is that I want to block with the format ip 1.2.3.4/24,
and also I'm not sure if this script is compatible with ISPC3? Anyone have some input on that?

I also found this link, but I don't want to do it all manually, when it's tens of thousands of subnets! Anyone have a script that can do the same thing, but read the subnets from a file?

Or does anyone have some other good advice for me?

pititis 22nd July 2012 15:18

Try this script


Code:

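#!/bin/bash

# One subnet per line, e.g. 60.160.0.0/15
_input=countries.txt
IPT=/sbin/iptables

# Dedicated chain, so the block list can be listed or flushed on its own
$IPT -N COUNTRIES-BLACKLIST

# One DROP rule per subnet, matching the source address of packets arriving on eth0
while IFS= read -r ip
do
        [ -z "$ip" ] && continue        # skip blank lines
        $IPT -A COUNTRIES-BLACKLIST -i eth0 -s "$ip" -j DROP
done < "$_input"

# Send traffic from the built-in chains through the blacklist first.
# The rules match on -i eth0, so they never match packets in OUTPUT.
$IPT -I INPUT -j COUNTRIES-BLACKLIST
$IPT -I OUTPUT -j COUNTRIES-BLACKLIST
$IPT -I FORWARD -j COUNTRIES-BLACKLIST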

and put the subnets in the countries.txt file:
Code:

60.160.0.0/15
223.165.4.0/22

run the script and test iptables:

Code:

iptables -L COUNTRIES-BLACKLIST -n

Cheers!
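
An added example, not part of the post above or of the thread: it checks every line of the same countries.txt before anything is loaded, then puts the subnets into one ipset set matched by a single iptables rule, which goes beyond the one-rule-per-subnet script above. It assumes ipset 6 or later and an iptables with the set match and -C; SET_NAME, MIN_PREFIX, valid_cidr and make_restore are names made up for this example.

```shell
#!/bin/sh
# Added example, not from the thread. SET_NAME and MIN_PREFIX are made-up names.
# Assumes ipset 6+ (hash:net sets) and an iptables with the "set" match and -C.
SET_NAME=countries-blacklist
MIN_PREFIX=8    # refuse very wide networks such as a stray 0.0.0.0/0

# Succeeds only for a.b.c.d/len with octets 0-255 and MIN_PREFIX <= len <= 32.
valid_cidr() {
    case $1 in
        */*/* | *[!0-9./]* | */*.* | *./* | */) return 1 ;;
        */*) ;;
        *) return 1 ;;
    esac
    len=${1#*/}
    [ "${#len}" -le 2 ] && [ "$len" -ge "$MIN_PREFIX" ] && [ "$len" -le 32 ] || return 1
    old_ifs=$IFS; IFS=.; set -- ${1%/*}; IFS=$old_ifs   # split the address on dots
    [ "$#" -eq 4 ] || return 1
    for octet in "$@"; do
        [ -n "$octet" ] && [ "${#octet}" -le 3 ] && [ "$octet" -le 255 ] || return 1
    done
}

# stdin: subnet list; stdout: input for "ipset restore"; stderr: rejected lines.
# Returns non-zero if any line was rejected, so a damaged list is never loaded.
make_restore() {
    echo "create $SET_NAME hash:net family inet"
    # Strip comments and all whitespace (including the CR of CRLF files) first.
    sed -e 's/#.*//' -e 's/[[:space:]]//g' | {
        n=0 bad=0
        while IFS= read -r line || [ -n "$line" ]; do
            n=$((n + 1))
            [ -n "$line" ] || continue
            if valid_cidr "$line"; then
                echo "add $SET_NAME $line"
            else
                echo "line $n rejected: $line" >&2; bad=1
            fi
        done
        [ "$bad" -eq 0 ]
    }
}

# Loading needs root, so it only happens with --apply. One rule covers every subnet.
if [ "${1:-}" = --apply ]; then
    rules=$(make_restore < countries.txt) || exit 1
    printf '%s\n' "$rules" | ipset -exist restore
    iptables -C INPUT -m set --match-set "$SET_NAME" src -j DROP 2>/dev/null ||
        iptables -I INPUT -m set --match-set "$SET_NAME" src -j DROP
fi
```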

chrislim2888 26th July 2012 11:49

For a country block list, you can easily get it from various free sites, like https://www.ip2location.com/free/visitor-blocker


All times are GMT +2.